- Critical security vulnerabilities have been identified in Broadcom chips
- These flaws put Dell devices containing the chips at risk
- The resulting attack has been nicknamed “ReVault”, and users should patch now
A multitude of critical security flaws in Broadcom chips could mean that tens of millions of Dell laptops and other devices are at risk of attack.
Serious vulnerabilities have been found in more than 100 Dell laptop models with Broadcom chips, Cisco Talos revealed, enabling an attack the researchers nicknamed “ReVault”.
A ReVault attack could be used “as a physical compromise to bypass the Windows connection and/or so that any local user obtains administration/system privileges”, allowing a hacker to steal credentials and other sensitive information, as well as biometric data such as fingerprint information.
Dell laptops at risk
These flaws could have a “significant” impact on victims, and Cisco Talos reports two main attack scenarios: a physical attack and a post-compromise pivot.
As the name suggests, the physical attack involves a local attacker with access to the victim’s device reaching the USH board directly over USB with a custom connector.
From there, the vulnerabilities become “in the scope for the attacker without requiring the ability to connect to the system or know a full disk encryption password”. If a system is configured to be unlocked with biometric data, it may be possible to tamper with the CV firmware so that it accepts any fingerprint rather than only a legitimate user's.
In a post-compromise pivot, users without administrative privileges can use the CV firmware to trigger arbitrary code execution and potentially disclose “essential key to device safety”, which would then allow them to permanently modify the firmware.
Dell confirmed that customers have been informed of the available updates that address the vulnerabilities: “By working with our firmware supplier, we discussed the problems that quickly revealed the vulnerabilities reported in accordance with our policy of response to vulnerability.”
“Customers can examine the Dell Security Advisory DSA-2025-053 for information on affected products, versions, etc.”
It is not yet clear whether these vulnerabilities have been exploited in the wild, but users are of course urged to patch urgently to resolve them, as well as to rotate passwords regularly and use MFA wherever possible.